1
00:00:08,100 --> 00:00:15,480
A certificate is a small file that contains several pieces of information about its owner.

2
00:00:15,480 --> 00:00:23,640
This data can include the owner's EMAIL ADDRESS THE OWNER'S NAME THE CERTIFICATE usage type the validity

3
00:00:23,640 --> 00:00:34,200
period and the URLs for authority information access or AAA and certificate revocation list distribution

4
00:00:34,200 --> 00:00:38,150
point or CBP locations.

5
00:00:38,160 --> 00:00:46,280
A certificate also contains the key pair which is the private key and it's related public key.

6
00:00:46,680 --> 00:00:56,820
These keys are used in processes of validating identities digital signature sound encryption the key

7
00:00:56,820 --> 00:01:03,030
pair that each certificate generates works under the following conditions.

8
00:01:03,090 --> 00:01:11,220
When content is encrypted with a public key it can be decrypted only with the private key when content

9
00:01:11,220 --> 00:01:13,780
is encrypted with a private key.

10
00:01:13,860 --> 00:01:22,320
It can be decrypted only with a public key no other key is involved in the relationship between the

11
00:01:22,320 --> 00:01:30,660
keys from the from a single key player and the private key can not be derived in a reasonable amount

12
00:01:30,660 --> 00:01:34,380
of time from a public key and twice a year.

13
00:01:36,150 --> 00:01:44,460
During the enrollment process the client generates the private key while the CEA generates a corresponding

14
00:01:44,460 --> 00:01:54,480
public key certificates provide a mechanism for gaining confidence in the relationship between a public

15
00:01:54,480 --> 00:02:00,420
key and the entity that owns the corresponding private key.

16
00:02:00,540 --> 00:02:07,450
You can think of a certificate as being similar to a driver driver's license.

17
00:02:07,500 --> 00:02:16,290
Many businesses accept a drivers license as a form of identification because the community accepts the

18
00:02:16,290 --> 00:02:22,550
license issuer a government institution as trustworthy.

19
00:02:23,070 --> 00:02:29,890
Because businesses understand the process by which someone can obtain a driver's license.

20
00:02:29,940 --> 00:02:40,170
They trust the issuer of verified the identity of the individual before issuing the license.

21
00:02:40,170 --> 00:02:48,030
Therefore the driver's license is acceptable as well it form of identification a certificate.

22
00:02:48,030 --> 00:02:51,600
Trust is established in a similar way.

23
00:02:51,660 --> 00:03:01,130
Now some words about certificate templates certificate templates allow administrators to customize the

24
00:03:01,190 --> 00:03:10,580
distribution method of certificates defined certificate purposes and mandate the type of usage that

25
00:03:10,580 --> 00:03:12,770
a certificate allows.

26
00:03:12,860 --> 00:03:22,070
Administrators can create templates and then can deploy them quickly to an enterprise by using built

27
00:03:22,070 --> 00:03:30,110
in graphical user interface or common client management tools associated with this certificate template

28
00:03:30,680 --> 00:03:40,760
is its description discretionary the excess Control List the decal defines which security principles

29
00:03:40,760 --> 00:03:50,660
have permissions to read and configure their template and what security principles can rule or use auto

30
00:03:50,660 --> 00:03:58,880
enrolment for certificates based on the template certificate templates and their permissions are defiant

31
00:03:58,880 --> 00:04:03,080
in 80 US and are well it within the forest.

32
00:04:03,290 --> 00:04:13,780
If more than one enterprise is running in the 80 days as forest permission changes will affect all sales.

33
00:04:13,880 --> 00:04:20,750
When you define a certificate template the definition of the certificate template must be available

34
00:04:21,350 --> 00:04:23,750
to all cities in the forest.

35
00:04:24,320 --> 00:04:32,350
You accomplish this when you store the certificate template information in the configuration name and

36
00:04:32,540 --> 00:04:42,110
context of a deed is the application of this information depends on the ADF application schedule and

37
00:04:42,680 --> 00:04:50,720
the certificate template might not be available to all seize until the application completes.

38
00:04:50,720 --> 00:04:57,210
Storage and replication occured automatically okay.

39
00:04:57,210 --> 00:05:05,320
Next up you'll be talking about certificate template versions and Windows Server 2016.